toxi22

function newClient() - QRCode

Aug 13th, 2021
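  # newClient - interactively add one WireGuard client (peer).
  #
  # Prompts for a client name and tunnel addresses, generates a key pair and a
  # pre-shared key, writes the client configuration file, appends the peer to
  # the server configuration, restarts the wg-quick unit and prints the client
  # configuration as a QR code.
  #
  # Globals read:    SERVER_PUB_IP, SERVER_PORT, SERVER_WG_NIC, SERVER_WG_IPV4,
  #                  SERVER_WG_IPV6, SERVER_PUB_KEY, CLIENT_DNS_1, CLIENT_DNS_2,
  #                  SUDO_USER
  # Globals written: ENDPOINT, CLIENT_NAME, CLIENT_EXISTS, DOT_IP, DOT_EXISTS,
  #                  BASE_IP, IPV4_EXISTS, IPV6_EXISTS, CLIENT_WG_IPV4,
  #                  CLIENT_WG_IPV6, CLIENT_PRIV_KEY, CLIENT_PUB_KEY,
  #                  CLIENT_PRE_SHARED_KEY, HOME_DIR
  # Exits 1 when the server configuration is unreadable, input ends, the /24
  # has no free address, key generation fails or the client file cannot be
  # written.
  function newClient() {
    local server_conf="/etc/wireguard/${SERVER_WG_NIC}.conf"
    local client_conf ipv4_base home_owner

    ENDPOINT="${SERVER_PUB_IP}:${SERVER_PORT}"

    # Every duplicate check below greps this file; without it the counts come
    # back empty and the prompts would loop forever.
    if [[ ! -r ${server_conf} ]]; then
      echo "Cannot read ${server_conf}" >&2
      exit 1
    fi

    echo ""
    echo "Tell me a name for the client."
    echo "The name must consist of alphanumeric character. It may also include an underscore or a dash and can't exceed 15 chars."

    until [[ ${CLIENT_NAME} =~ ^[a-zA-Z0-9_-]+$ && ${CLIENT_EXISTS} == '0' && ${#CLIENT_NAME} -lt 16 ]]; do
      read -rp "Client name: " -e CLIENT_NAME || {
        echo "No input available, aborting." >&2
        exit 1
      }

      # Validate before the name reaches grep or a file path: it is later
      # written into the root-owned server config and used in a file name.
      if [[ ! ${CLIENT_NAME} =~ ^[a-zA-Z0-9_-]{1,15}$ ]]; then
        CLIENT_EXISTS=''
        continue
      fi

      # -F -x: compare the whole marker line literally, never as a regex.
      CLIENT_EXISTS=$(grep -c -F -x -- "### Client ${CLIENT_NAME}" "${server_conf}")

      if [[ ${CLIENT_EXISTS} != '0' ]]; then
        echo ""
        echo "A client with the specified name was already created, please choose another name."
        echo ""
      fi
    done

    # Propose the first host number that does not appear in the server config.
    # -F -w keeps "x.y.z.2" from matching inside "x.y.z.20" (the unanchored
    # grep did, and skipped free addresses), and the base is taken up to the
    # last dot so a multi-digit server host number also works.
    ipv4_base="${SERVER_WG_IPV4%.*}"
    DOT_EXISTS=''
    for DOT_IP in {2..254}; do
      DOT_EXISTS=$(grep -c -F -w -- "${ipv4_base}.${DOT_IP}" "${server_conf}")
      if [[ ${DOT_EXISTS} == '0' ]]; then
        break
      fi
    done

    # Any non-zero count on the last candidate means the range is exhausted.
    if [[ ${DOT_EXISTS} != '0' ]]; then
      echo ""
      echo "The subnet configured supports only 253 clients."
      exit 1
    fi

    BASE_IP="${ipv4_base}"
    until [[ ${IPV4_EXISTS} == '0' ]]; do
      read -rp "Client's WireGuard IPv4: ${BASE_IP}." -e -i "${DOT_IP}" DOT_IP || {
        echo "No input available, aborting." >&2
        exit 1
      }

      # Only a plain host number (1-254, no leading zero) may be written into
      # the configuration files.
      if [[ ! ${DOT_IP} =~ ^[1-9][0-9]{0,2}$ ]] || ((DOT_IP > 254)); then
        echo ""
        echo "Please enter a number between 1 and 254."
        echo ""
        IPV4_EXISTS=''
        continue
      fi

      CLIENT_WG_IPV4="${BASE_IP}.${DOT_IP}"
      # Peers are stored as "<address>/32" (see the AllowedIPs line written
      # below), so the former grep for "<address>/24" never matched an
      # existing client. Matching the bare address as a whole word catches
      # both peers and any other line that already uses the address.
      IPV4_EXISTS=$(grep -c -F -w -- "${CLIENT_WG_IPV4}" "${server_conf}")

      if [[ ${IPV4_EXISTS} != '0' ]]; then
        echo ""
        echo "A client with the specified IPv4 was already created, please choose another IPv4."
        echo ""
      fi
    done

    BASE_IP="${SERVER_WG_IPV6%%::*}"
    until [[ ${IPV6_EXISTS} == '0' ]]; do
      read -rp "Client's WireGuard IPv6: ${BASE_IP}::" -e -i "${DOT_IP}" DOT_IP || {
        echo "No input available, aborting." >&2
        exit 1
      }

      # Accept only hexadecimal groups for the part after "::".
      if [[ ! ${DOT_IP} =~ ^[0-9a-fA-F]{1,4}(:[0-9a-fA-F]{1,4})*$ ]]; then
        echo ""
        echo "Please enter a valid IPv6 suffix (hexadecimal groups)."
        echo ""
        IPV6_EXISTS=''
        continue
      fi

      CLIENT_WG_IPV6="${BASE_IP}::${DOT_IP}"
      # Peers are stored as "<address>/128", so the former grep for
      # "<address>/64" never matched an existing client. -i because hex case
      # does not matter. A longer address that merely starts with this one
      # followed by ":" also counts as taken; that errs on the safe side.
      IPV6_EXISTS=$(grep -c -F -i -w -- "${CLIENT_WG_IPV6}" "${server_conf}")

      if [[ ${IPV6_EXISTS} != '0' ]]; then
        echo ""
        echo "A client with the specified IPv6 was already created, please choose another IPv6."
        echo ""
      fi
    done

    # Generate key pair for the client
    CLIENT_PRIV_KEY=$(wg genkey)
    CLIENT_PUB_KEY=$(wg pubkey <<<"${CLIENT_PRIV_KEY}")
    CLIENT_PRE_SHARED_KEY=$(wg genpsk)
    # Never write a peer with empty key material into either file.
    if [[ -z ${CLIENT_PRIV_KEY} || -z ${CLIENT_PUB_KEY} || -z ${CLIENT_PRE_SHARED_KEY} ]]; then
      echo "WireGuard key generation failed." >&2
      exit 1
    fi

    # Home directory of the user, where the client configuration will be written
    if [[ -e "/home/${CLIENT_NAME}" ]]; then
      # the client name is also a user name
      HOME_DIR="/home/${CLIENT_NAME}"
    elif [[ -n ${SUDO_USER:-} ]]; then
      # if not, use SUDO_USER
      if [[ ${SUDO_USER} == "root" ]]; then
        # If running sudo as root
        HOME_DIR="/root"
      else
        HOME_DIR="/home/${SUDO_USER}"
      fi
    else
      # if not SUDO_USER, use /root
      HOME_DIR="/root"
    fi

    client_conf="${HOME_DIR}/${SERVER_WG_NIC}-client-${CLIENT_NAME}.conf"

    # Create client file and add the server as a peer.
    # The file holds the client's private key and the pre-shared key, so it is
    # created under umask 077 and forced to mode 600 instead of inheriting the
    # caller's umask (commonly world-readable). It is truncated rather than
    # appended to, so a stale file of the same name cannot leave two
    # [Interface] sections behind.
    # NOTE(review): when HOME_DIR belongs to an unprivileged user this write
    # happens in a directory that user controls under a predictable name;
    # consider creating the file elsewhere and moving it into place.
    (
      umask 077
      printf '%s\n' \
        "[Interface]" \
        "PrivateKey = ${CLIENT_PRIV_KEY}" \
        "Address = ${CLIENT_WG_IPV4}/32,${CLIENT_WG_IPV6}/128" \
        "DNS = ${CLIENT_DNS_1},${CLIENT_DNS_2}" \
        "" \
        "[Peer]" \
        "PublicKey = ${SERVER_PUB_KEY}" \
        "PresharedKey = ${CLIENT_PRE_SHARED_KEY}" \
        "Endpoint = ${ENDPOINT}" \
        "AllowedIPs = 0.0.0.0/0,::/0" >"${client_conf}"
    ) || {
      echo "Could not write ${client_conf}" >&2
      exit 1
    }
    chmod 600 "${client_conf}"
    # Best effort: hand the file to the owner of HOME_DIR so that user can
    # still read the config now that it is no longer world-readable.
    if home_owner=$(stat -c '%u:%g' "${HOME_DIR}"); then
      chown "${home_owner}" "${client_conf}" ||
        echo "Warning: could not change owner of ${client_conf}" >&2
    fi

    # Add the client as a peer to the server
    printf '%s\n' \
      "" \
      "### Client ${CLIENT_NAME}" \
      "[Peer]" \
      "PublicKey = ${CLIENT_PUB_KEY}" \
      "PresharedKey = ${CLIENT_PRE_SHARED_KEY}" \
      "AllowedIPs = ${CLIENT_WG_IPV4}/32,${CLIENT_WG_IPV6}/128" >>"${server_conf}"

    systemctl restart "wg-quick@${SERVER_WG_NIC}"

    echo -e "\nHere is your client config file as a QR Code:"

    # The QR code encodes the whole client file, private key included, and
    # stays in the terminal scrollback after the function returns.
    qrencode -t ansiutf8 -l L <"${client_conf}"

    echo "It is also available in ${HOME_DIR}/${SERVER_WG_NIC}-client-${CLIENT_NAME}.conf"
  }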